Commit 655547b8 authored by Till Brehm's avatar Till Brehm

Add extended Log file controls for apache.

parent 442f2576
......@@ -859,6 +859,28 @@ function is_ispconfig_ssl_enabled() {
}
}
/*
* Is anonymization enabled in ispconfig.conf file
*/
function get_logging_state() {
global $conf;
$ispconfig_conf_file = $conf['apache']['vhost_conf_dir'].'/ispconfig.conf';
if(is_file($ispconfig_conf_file)) {
$tmp = file_get_contents($ispconfig_conf_file);
if(stristr($tmp, '/usr/local/ispconfig/server/scripts/vlogger -p -s access.log')) {
return 'anon';
} elseif(stristr($tmp, '/usr/local/ispconfig/server/scripts/vlogger -s access.log')) {
return 'yes';
} else {
return 'no';
}
} else {
return 'yes';
}
}
/**
Function to find the hash file for timezone detection
(c) 2012 Marius Cramer, pixcept KG, m.cramer@pixcept.de
......
......@@ -2010,6 +2010,11 @@ class installer_base {
$tpl->setVar('apps_vhost_basedir',$conf['web']['website_basedir']);
$tpl->setVar('apps_vhost_servername',$apps_vhost_servername);
$tpl->setVar('apache_version',getapacheversion());
if($this->is_update == true) {
$tpl->setVar('logging',get_logging_state());
} else {
$tpl->setVar('logging','yes');
}
// comment out the listen directive if port is 80 or 443
......
......@@ -6,7 +6,12 @@
SetEnvIf Request_URI "^/datalogstatus.php$" dontlog
LogFormat "%v %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig
<tmpl_if name='logging' op='==' value='anon'>
CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -p -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog
</tmpl_if>
<tmpl_if name='logging' op='==' value='yes'>
CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog
</tmpl_if>
<Directory /var/www/clients>
AllowOverride None
......
......@@ -29,6 +29,7 @@ munin_user=
munin_password=
monitor_system_updates=y
migration_mode=n
log_retention=10
[mail]
module=postfix_mysql
......@@ -113,6 +114,7 @@ overquota_notify_freq=7
overquota_db_notify_admin=y
overquota_db_notify_client=y
overquota_notify_onok=n
logging=yes
[dns]
bind_user=root
......
......@@ -395,6 +395,17 @@ $form["tabs"]['server'] = array(
'default' => 'y',
'value' => array(0 => 'n', 1 => 'y')
),
'log_retention' => array (
'datatype' => 'INTEGER',
'formtype' => 'TEXT',
'validators' => array ( 0 => array ( 'type' => 'ISPOSITIVE',
'errmsg'=> 'log_retention_error_ispositive'),
),
'default' => '30',
'value' => '',
'width' => '4',
'maxlength' => '4'
),
'migration_mode' => array(
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
......@@ -910,6 +921,12 @@ $form["tabs"]['web'] = array(
'default' => 'y',
'value' => array(0 => 'n', 1 => 'y')
),
'logging' => array(
'datatype' => 'VARCHAR',
'formtype' => 'SELECT',
'default' => 'yes',
'value' => array('yes' => 'Yes', 'anon' => 'Anonymize IP', 'no' => 'No')
),
'overtraffic_notify_admin' => array(
'datatype' => 'VARCHAR',
'formtype' => 'CHECKBOX',
......
......@@ -288,4 +288,8 @@ $wb["apps_vhost_enabled_txt"] = "Apps-vhost enabled";
$wb['skip_le_check_txt'] = 'Skip Lets Encrypt Check';
$wb['migration_mode_txt'] = 'Server Migration Mode';
$wb['nginx_enable_pagespeed_txt'] = 'Makes Pagespeed available';
$wb['logging_txt'] = 'Store website access and error logs';
$wb['logging_desc_txt'] = 'Use Tools > Resync to apply changes to existing sites.';
$wb['log_retention_txt'] = 'Log retention (days)';
$wb['log_retention_error_ispositive'] = 'Log retention must be a number > 0';
?>
......@@ -80,6 +80,10 @@
</div>
</div>
<div class="form-group">
<label for="log_retention" class="col-sm-3 control-label">{tmpl_var name='log_retention_txt'}</label>
<div class="col-sm-9"><input type="text" name="log_retention" id="log_retention" value="{tmpl_var name='log_retention'}" class="form-control" /></div>
</div>
<div class="form-group">
<label for="monit_url" class="col-sm-3 control-label">{tmpl_var name='monit_url_txt'}</label>
<div class="col-sm-6"><input type="text" name="monit_url" id="monit_url" value="{tmpl_var name='monit_url'}" class="form-control" />&nbsp;{tmpl_var name='monit_url_note_txt'} <a href="javascript:void(0);" class="addPlaceholder">[SERVERNAME]</a></div>
</div>
......
......@@ -104,6 +104,14 @@
<div class="col-sm-9">
{tmpl_var name='enable_ip_wildcard'}
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">{tmpl_var name='logging_txt'}</label>
<div class="col-sm-9">
<select name="logging" id="logging" class="form-control">
{tmpl_var name='logging'}
</select>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">{tmpl_var name='overtraffic_notify_admin_txt'}</label>
......
......@@ -62,7 +62,7 @@ $form["tabs"]['template'] = array (
'datatype' => 'VARCHAR',
'formtype' => 'SELECT',
'default' => '',
'value' => array('welcome' => 'Default welcome email', 'other' => 'Other')
'value' => array('welcome' => 'Default welcome email', 'gdpr' => 'GDPR data send', 'other' => 'Other')
),
'template_name' => array (
'datatype' => 'VARCHAR',
......
......@@ -94,6 +94,22 @@ if ($settings['use_domain_module'] == 'y') {
unset($items);
}
/*
// GDPR functions for admin only, might be extended for resellers later
if($_SESSION["s"]["user"]["typ"] == 'admin'){
$items = array();
$items[] = array( 'title' => 'Send Personal Data',
'target' => 'content',
'link' => 'client/gdpr_send.php');
$module['nav'][] = array( 'title' => 'GDPR',
'open' => 1,
'items' => $items);
unset($items);
}
*/
/*
if($_SESSION["s"]["user"]["typ"] == 'admin'){
$items[] = array( 'title' => "Interface Settings",
......
......@@ -947,18 +947,18 @@ if($_SESSION["s"]["user"]["typ"] == 'admin'
'width' => '3',
'maxlength' => '6'
),
'log_retention' => array (
'datatype' => 'INTEGER',
'formtype' => 'TEXT',
'validators' => array ( 0 => array ( 'type' => 'REGEX',
'regex' => '/^([0-9]{1,4})$/',
'errmsg'=> 'log_retention_error_regex'),
),
'default' => '30',
'value' => '',
'width' => '4',
'maxlength' => '4'
)
'log_retention' => array (
'datatype' => 'INTEGER',
'formtype' => 'TEXT',
'validators' => array ( 0 => array ( 'type' => 'REGEX',
'regex' => '/^([0-9]{1,4})$/',
'errmsg'=> 'log_retention_error_regex'),
),
'default' => '30',
'value' => '',
'width' => '4',
'maxlength' => '4'
)
//#################################
// ENDE Datatable fields
//#################################
......
......@@ -1399,6 +1399,14 @@ class page_action extends tform_actions {
$app->uses("getconf");
$web_rec = $app->tform->getDataRecord($this->id);
$web_config = $app->getconf->get_server_config($app->functions->intval($web_rec["server_id"]), 'web');
// get global log retention value as default for web log retention
$server_config = $app->getconf->get_server_config($app->functions->intval($web_rec["server_id"]), 'server');
if($server_config['log_retention'] > 0) {
$log_retention = $server_config['log_retention'];
} else {
$log_retention = 10;
}
if($this->_vhostdomain_type == 'domain') {
$document_root = str_replace("[website_id]", $this->id, $web_config["website_path"]);
......@@ -1432,8 +1440,8 @@ class page_action extends tform_actions {
$htaccess_allow_override = $web_config["htaccess_allow_override"];
$added_by = $_SESSION['s']['user']['username'];
$sql = "UPDATE web_domain SET system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ?, added_date = CURDATE(), added_by = ? WHERE domain_id = ?";
$app->db->query($sql, $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $added_by, $this->id);
$sql = "UPDATE web_domain SET system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ?, added_date = CURDATE(), added_by = ?, log_retention WHERE domain_id = ?";
$app->db->query($sql, $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $added_by, $log_retention, $this->id);
} else {
// Set the values for document_root, system_user and system_group
$system_user = $this->parent_domain_record['system_user'];
......@@ -1446,8 +1454,8 @@ class page_action extends tform_actions {
$htaccess_allow_override = $this->parent_domain_record['allow_override'];
$added_by = $_SESSION['s']['user']['username'];
$sql = "UPDATE web_domain SET sys_groupid = ?, system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ?, added_date = CURDATE(), added_by = ? WHERE domain_id = ?";
$app->db->query($sql, $this->parent_domain_record['sys_groupid'], $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $added_by, $this->id);
$sql = "UPDATE web_domain SET sys_groupid = ?, system_user = ?, system_group = ?, document_root = ?, allow_override = ?, php_open_basedir = ?, added_date = CURDATE(), added_by = ?, log_retention WHERE domain_id = ?";
$app->db->query($sql, $this->parent_domain_record['sys_groupid'], $system_user, $system_group, $document_root, $htaccess_allow_override, $php_open_basedir, $added_by, $log_retention, $this->id);
}
if(isset($this->dataRecord['folder_directive_snippets'])) $app->db->query("UPDATE web_domain SET folder_directive_snippets = ? WHERE domain_id = ?", $this->dataRecord['folder_directive_snippets'], $this->id);
......
......@@ -6,7 +6,12 @@
SetEnvIf Request_URI "^/datalogstatus.php$" dontlog
LogFormat "%v %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig
<tmpl_if name='logging' op='==' value='anon'>
CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -p -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog
</tmpl_if>
<tmpl_if name='logging' op='==' value='yes'>
CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog
</tmpl_if>
<Directory /var/www/clients>
AllowOverride None
......
......@@ -45,7 +45,12 @@
</tmpl_if>
</tmpl_if>
<tmpl_if name='logging' op='==' value='anon'>
ErrorLog "|/usr/local/ispconfig/server/scripts/vlogger -e -n -P -t \"error.log\" /var/log/ispconfig/httpd/<tmpl_var name='domain'>"
</tmpl_if>
<tmpl_if name='logging' op='==' value='yes'>
ErrorLog /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log
</tmpl_if>
<tmpl_if name='errordocs'>
Alias /error/ "<tmpl_var name='web_document_root_www'>/error/"
......
......@@ -50,7 +50,14 @@ class cronjob_logfiles extends cronjob {
public function onRunJob() {
global $app, $conf;
$max_syslog = 10;
$app->uses('getconf');
$server_config = $app->getconf->get_server_config($conf['server_id'], 'server');
if($server_config['log_retention'] > 0) {
$max_syslog = $server_config['log_retention'];
} else {
$max_syslog = 10;
}
//######################################################################################################
// Make the web logfiles directories world readable to enable ftp access
......
......@@ -73,6 +73,9 @@ class apache2_plugin {
$app->plugins->registerEvent('server_ip_insert', $this->plugin_name, 'server_ip');
$app->plugins->registerEvent('server_ip_update', $this->plugin_name, 'server_ip');
$app->plugins->registerEvent('server_ip_delete', $this->plugin_name, 'server_ip');
$app->plugins->registerEvent('server_insert', $this->plugin_name, 'server_ip');
$app->plugins->registerEvent('server_update', $this->plugin_name, 'server_ip');
$app->plugins->registerEvent('webdav_user_insert', $this->plugin_name, 'webdav');
$app->plugins->registerEvent('webdav_user_update', $this->plugin_name, 'webdav');
......@@ -1160,6 +1163,7 @@ class apache2_plugin {
$vhost_data['ssl_domain'] = $data['new']['ssl_domain'];
$vhost_data['has_custom_php_ini'] = $has_custom_php_ini;
$vhost_data['custom_php_ini_dir'] = escapeshellcmd($custom_php_ini_dir);
$vhost_data['logging'] = $web_config['logging'];
// Custom Apache directives
if(intval($data['new']['directive_snippets_id']) > 0){
......@@ -2248,7 +2252,7 @@ class apache2_plugin {
if($data['old']['type'] != 'vhost') $app->system->web_folder_protection($data['old']['document_root'], true);
}
//* This function is called when a IP on the server is inserted, updated or deleted
//* This function is called when a IP on the server is inserted, updated or deleted or when anon_ip setting is altered
function server_ip($event_name, $data) {
global $app, $conf;
......@@ -2261,6 +2265,7 @@ class apache2_plugin {
$tpl = new tpl();
$tpl->newTemplate('apache_ispconfig.conf.master');
$tpl->setVar('apache_version', $app->system->getapacheversion());
$tpl->setVar('logging', $web_config['logging']);
$records = $app->db->queryAllRecords("SELECT * FROM server_ip WHERE server_id = ? AND virtualhost = 'y'", $conf['server_id']);
$records_out= array();
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment